Get Publishable Key

Generate and manage publishable keys for authenticating with Cyborg services.

What are Publishable Keys?

Publishable keys are the primary authentication mechanism for ChatSDK, connecting your React SDK to backend services. They provide:

• Authentication: Verify the identity of your client application
• Authorization: Control access to resources and features
• Rate Limiting: Enforce usage quotas per project
• Usage Tracking: Monitor and attribute API usage and costs
• Environment Separation: Distinguish between test and production environments

Key Format

Format: cpk_{environment}_{secret}

Examples:
  - cpk_live_ak1nDk3jF9sL2mP0qR8tU7vW5xY6zB4cE3fG2hI1jK0
  - cpk_test_pQ9rS8tU7vW6xY5zB4cE3fG2hI1jK0mN1oP2qR3sT4u

Generating Publishable Keys

1. Log into the Cyborg Admin UI
2. Navigate to the API Keys section
3. Click "Generate New Key"
4. Choose your environment:
   • Test: For development and testing
   • Live: For production use
5. Copy your key immediately (it won't be shown again)
6. Store it securely (use environment variables)

Using Your Publishable Key

In React Applications

import { CyborgProvider } from '@cyborg-sdk/react'

function App() {
  return (
    <CyborgProvider config={{ publishableKey: process.env.REACT_APP_CYBORG_PUBLISHABLE_KEY }}>
      {/* Your app */}
    </CyborgProvider>
  )
}

Environment Variables

Never commit publishable keys to version control. Use environment variables:

# .env.local
REACT_APP_CYBORG_PUBLISHABLE_KEY=cpk_live_your_key_here

Security Best Practices

• ✅ Store keys in environment variables
• ✅ Never commit keys to version control
• ✅ Use test keys for development
• ✅ Rotate keys regularly
• ✅ Revoke compromised keys immediately
• ❌ Don't share keys between projects
• ❌ Don't use production keys for testing

Key Management

Revoking Keys

If a key is compromised:

1. Go to API Keys in Admin UI
2. Find the compromised key
3. Click "Revoke"
4. Generate a new key
5. Update your application

Monitoring Usage

Track API usage per key:

• Request counts
• Rate limit hits
• Error rates
• Cost attribution

For more details, see the Admin UI API Keys Documentation.

Next: Install SDK →